For IP-in-IP tunnels, one can specify the [no]allow-localremote command
when configuring a device. Under the hood, this flips the
IP6_TNL_F_ALLOW_LOCAL_REMOTE flag on the netdevice. However, ip6gretap
and ip6erspan devices, where the flag is also relevant, are not IP-in-IP
tunnels, and thus there's no way to configure the flag on these
netdevices. Therefore introduce the command to link_gre6 as well.
The original support was introduced in commit
21440d19d957 ("ip: link_ip6tnl.c/ip6tunnel.c: Support
IP6_TNL_F_ALLOW_LOCAL_REMOTE flag")
Signed-off-by: Petr Machata <pe...@mellanox.com>
---
Notes:
Changes from v1 to v2:
- Rebase to iproute2-next
ip/link_gre6.c | 11 +++++++++++
man/man8/ip-link.8.in | 14 ++++++++++++++
2 files changed, 25 insertions(+)
diff --git a/ip/link_gre6.c b/ip/link_gre6.c
index 6c77038..e0746bc 100644
--- a/ip/link_gre6.c
+++ b/ip/link_gre6.c
@@ -48,6 +48,7 @@ static void gre_print_help(struct link_util *lu, int argc,
char **argv, FILE *f)
" [ dscp inherit ]\n"
" [ dev PHYS_DEV ]\n"
" [ fwmark MARK ]\n"
+ " [ [no]allow-localremote ]\n"
" [ external ]\n"
" [ noencap ]\n"
" [ encap { fou | gue | none } ]\n"
@@ -346,6 +347,10 @@ get_failed:
invarg("invalid fwmark\n", *argv);
flags &= ~IP6_TNL_F_USE_ORIG_FWMARK;
}
+ } else if (strcmp(*argv, "allow-localremote") == 0) {
+ flags |= IP6_TNL_F_ALLOW_LOCAL_REMOTE;
+ } else if (strcmp(*argv, "noallow-localremote") == 0) {
+ flags &= ~IP6_TNL_F_ALLOW_LOCAL_REMOTE;
} else if (strcmp(*argv, "encaplimit") == 0) {
NEXT_ARG();
if (strcmp(*argv, "none") == 0) {
@@ -534,6 +539,12 @@ static void gre_print_opt(struct link_util *lu, FILE *f,
struct rtattr *tb[])
if (oflags & GRE_CSUM)
print_bool(PRINT_ANY, "ocsum", "ocsum ", true);
+ if (flags & IP6_TNL_F_ALLOW_LOCAL_REMOTE)
+ print_bool(PRINT_ANY,
+ "ip6_tnl_f_allow_local_remote",
+ "allow-localremote ",
+ true);
+
if (flags & IP6_TNL_F_USE_ORIG_FWMARK) {
print_bool(PRINT_ANY,
"ip6_tnl_f_use_orig_fwmark",
diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
index 481589e..5dee9fc 100644
--- a/man/man8/ip-link.8.in
+++ b/man/man8/ip-link.8.in
@@ -793,6 +793,8 @@ the following additional arguments are supported:
] [
.BI "dscp inherit"
] [
+.BI "[no]allow-localremote"
+] [
.BI dev " PHYS_DEV "
] [
.RB external
@@ -857,6 +859,11 @@ flag is equivalent to the combination
- specifies a fixed flowlabel.
.sp
+.BI [no]allow-localremote
+- specifies whether to allow remote endpoint to have an address configured on
+local host.
+
+.sp
.BI tclass " TCLASS"
- specifies the traffic class field on
tunneled packets, which can be specified as either a two-digit
@@ -927,6 +934,8 @@ the following additional arguments are supported:
] [
.BR erspan_hwid " \fIhwid "
] [
+.BI "[no]allow-localremote"
+] [
.RB external
]
@@ -965,6 +974,11 @@ traffic's source port and direction.
is a 6-bit value for users to configure.
.sp
+.BI [no]allow-localremote
+- specifies whether to allow remote endpoint to have an address configured on
+local host.
+
+.sp
.BR external
- make this tunnel externally controlled (or not, which is the default).
In the kernel, this is referred to as collect metadata mode. This flag is
--
2.4.11
